Cisco released its semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication on March 27, 2019. In direct response to customer feedback, Cisco releases bundles of Cisco IOS and IOS XE Software Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.
The March 27, 2019, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes 17 Cisco Security Advisories that describe 19 vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Cisco has released software updates that address these vulnerabilities.
All vulnerabilities have a Security Impact Rating (SIR) of High. Successful exploitation of the vulnerabilities could allow an attacker to gain elevated privileges for an affected device or cause a denial of service (DoS) condition on an affected device.
Six of the vulnerabilities affect both Cisco IOS Software and Cisco IOS XE Software. One of the vulnerabilities affects Cisco IOS Software and ten of the vulnerabilities affect Cisco IOS XE Software. Cisco has confirmed that none of the vulnerabilities affect Cisco NX-OS Software.
To quickly determine if a specific Cisco IOS or IOS XE Software release is affected by one or more vulnerabilities, use the Cisco IOS Software Checker.